Tag Archives: Atmel ATECC108

The CryptoCape is the BeagleBone’s first dedicated security daughterboard


The CryptoCape extends the hardware cryptographic abilities of the BeagleBone Black.


With the insecurity of connected devices called into question time and time again, wouldn’t it be nice to take comfort in knowing that your latest IoT gadget was secure? A facet in which many Makers may overlook, Josh Datko recently sought out to find a better way to safeguard those designs, all without hindering the DIY spirit. The result? The CrytpoCape — which initially debuted on SparkFun last year — is a dedicated security daughterboard for the BeagleBone that easily adds encryption and authentication options to a project.

Generally speaking, cryptography offers a solution to a wide-range of problems such as authentication, confidentiality, integrity and non-repudiation, according to Datko. SparkFun notes that the $60 Atmel powered cape adds specialized ICs that perform various cryptographic operations, amplifying a critical hardware security layer to various BeagleBone projects.

The CyrptoCape is packed with hardware, including 256k EEPROM with a defaulted I2C address (plus write protection), a real-time clock (RTC) module, a Trusted Platform Module (TPM) for RSA encryption/decryption, an AES-128 encrypted EEPROM, an ATSHA204 CrypoAuthentication chip that performs SHA-256 and HMAC-25 and an Atmel ATECC108 tasked with the Elliptic Curve Digital Signature Algorithm (ECDSA).

“You will also find an Atmel ATmega328P microcontroller and a large prototyping area available on the board. The ATmega is loaded with the Arduino Pro Mini 3.3V bootloader and has broken out most of the signals to surrounding pads,” its SparkFun page reveals.

Beyond that, each easy-to-use CryptoCape comes with pre-soldered headers making this board ready to be attached to your BeagleBone right out of the box. The only additional item a Maker will need to get the CryptoCape fully-functional is a CR1225 coin-cell battery.

Interested? You can check out the product’s official SparkFun page here. Meanwhile, those looking to learn more should also pick up a copy of Datko’s book entitled “BeagleBone for Secret Agents.” The third chapter of the resource is devoted to the CryptoCape where Makers will learn how to combine a fingerprint sensor, the on-board ATmega328P, and the crypto chips to make a biometric authentication system.

Keeping consumables real


The most cost-effective and secure way to keep things real is through symmetric authentication without secret storage on the host using a fixed challenge.


With the ever present threat of counterfeiting, having a cost-effective and highly-secure way to ensure that a consumable product is real is a great idea. In fact, there is a proven industry standard approach to apply sophisticated cryptographic engineering and mathematics to fight counterfeiting; namely, crypto elements like the Atmel ATSHA204A device.

Crypto elements can attach to a consumable good, such as the classic example of an ink cartridge, even without being soldered in. The device can be glued directly outside of the product. When the ink or other consumable is inserted into the host system (where the MCU is), the crypto element makes contact and the host is able to communicate with the item to validate whether or not it is real. This is called authentication.

consumable

The most cost-effective yet secure way to authenticate is through symmetric authentication without secret storage on the host using a fixed challenge.

With symmetric authentication, a client and the host run the exact same calculation on each side, and if the client (the consumable) is real, then the results of those calculations (called the “responses”) will match. There is a way to go about using a very inexpensive MCU without running the crypto calculations within the host side’s MCU. That is where the concept of fixed challenge comes into play. The idea of a fixed challenge is that the calculation done for the host is conducted ahead of time, and the challenge/response pair from that calculation is loaded into the host.

The fixed challenge method is ideal when certain considerations are in play, such as the folowing:

  1. Very limited processing power (e.g. low-cost MCU)
  2. Abundance of available memory to easily store challenge-response pairs (e.g. in a smartphone)
  3. Need to get something out quickly or temporarily (e.g. time to market)
  4. Need a very low cost on the host (e.g. can’t afford adding a key storage device)
  5. Desire to not store a secret key in the host

So, how does a fixed challenge work? Like with other challenge-response operations, the process starts with the host controller sending the client a numerical challenge to be used in a calculation to create a response, which then gets compared to a “response” number in the host. What makes this “fixed” is that, because there is no crypto device in the host to generate random numbers (or make digests using hashing algorithms), the challenge cannot be random. That means that the challenges and their corresponding responses must be pre-calculated using the client’s secret key and the challenge and response pair loaded into the memory of the host. This can be looked at as effectively time-shifting the calculations used for authentication.

fixed 1

Let’s look at an example using the ATSHA204A installed in the client.

Step 1: In the factory when the host manufactured challenges are loaded into the host MCU memory together with a response that is calculated by hashing the client’s secret with that challenge.

Step 2: When the consumable is inserted into the host machine out in the field, the host MCU will ask the client (consumable) to prove it is real by sending it the preloaded challenge.

Step 3: The client will then run the hash algorithm on that challenge number using its stored secret key to generate a response, which it sends back to the host.

Step 4: The host will compare the response from the clients with the preloaded response value stored in its memory.

Step 5: If the client is real, the response from the client (which is the hash value based on the secret key and the challenge) will be the same as the response value that was preloaded in the host.

Since each host is loaded with a different challenge/response pair, each product that the host is incorporated into is then unique by definition. Cloning beyond only one copy is impossible; thus, this is a highly-secure and very cost-effective technique as it can be easily implemented with very inexpensive MCUs.

This approach can be used for firmware protection and designs with no secrets in the host (as noted), as well as be implemented with very low-cost MCUs that do not have the processing power to run the hashing algorithms.

The many benefits of fixed challenge authentication:

  • Symmetric authentication is fast
  • No secrets in the host
  • Can use low-cost MCU of host because less computation is needed for a fixed challenge
  • Prevents cloning
  • Protects investments in firmware
  • Enhances safety
  • Protects revenue stream
  • Protects brand image
  • Better control of the supply channel

Atmel crypto element devices — including ATSHA204AATECC108AATECC508A and ATAES132A — implement hardware-based key storage, which is much stronger than software based storage due to the defense mechanisms that only hardware can provide against attacks. Secure storage in hardware beats storage in software every time. Adding secure key storage is an inexpensive, easy, and ultra-secure way to protect firmware, software, and hardware products from cloning, counterfeiting, hacking, and other malicious threats.

Atmel and IoT and Crypto, oh my!

One of the companies that is best positioned to supply components into the Internet of Things (IoT) market is Atmel. For the time being most designs will be done using standard components, not doing massive integration on an SoC targeted at a specific market. The biggest issue in the early stage of market development will be working out what the customer wants and so the big premium will be on getting to market early and iterating fast, not premature cost optimization for a market that might not be big enough to support the design/NRE of a custom design.

Latest product in Atmel's SmartConnect family, the SAM W25 module

Here is Atmel’s latest product in the SmartConnect family, the SAM W25 module

Atmel has microcontrollers, literally over 500 different flavors and in two families, the AVR family and a broad selection of ARM microcontrollers ad processors. They have wireless connectivity. They have strong solutions in security.

Indeed last week at Electronica in Germany they announced the latest product in the SmartConnect family, the SAM W25 module. It is the industry’s first fully-integrated FCC-certified Wi-Fi module with a standalone MCU and hardware security from a single source. The module is tiny, not much larger than a penny. The module includes Atmel’s recently-announced 2.4GHz IEEE 802.11 b/g/n Wi-Fi WINC1500, along with an Atmel | SMART SAM D21 ARM Cortex M0+-based MCU and Atmel’s ATECC108A optimized CryptoAuthentication engine with ultra-secure hardware-based key storage for secure connectivity.

Atmel at Electronica 2014

Atmel at Electronica 2014

That last item is a key component for many IoT designs. Security is going to be a big thing and with so many well-publicized breaches of software security, the algorithms, and particularly the keys, are moving quickly into hardware. That component, the ATECC108A, provides state-of-the-art hardware security including a full turnkey Elliptic Curve Digital Signature Algorithm (ECDSA) engine using key sizes of 256 or 283 bits – appropriate for modern security environments without the long computation delay typical of software solutions. Access to the device is through a standard I²C Interface at speeds up to 1Mb/sec. It is compatible with standard Serial EEPROM I²C Interface specifications. Compared to software, the device is:

  • Higher performance (faster encryption)
  • Lower power
  • Much harder to compromise

Atmel has a new white paper out, Integrating the Internet of Things, Necessary Building Blocks for Broad Market Adoption. Depending on whose numbers you believe, there will be 50 billion IoT edge devices connected by 2020.

Edge nodes are becoming integrated into everyone’s life

As it says in the white paper:

On first inspection, the requirements of an IoT edge device appear to be much the same as any other microcontroller (MCU) based development project. You have one or more sensors that are read by an MCU, the data may then be processed locally prior to sending it off to another application or causing another event to occur such as turning on a motor. However, there are decisions to be made regarding how to communicate with these other applications. Wired, wireless, and power line communication (PLC) are the usual options. But, then you have to consider that many IoT devices are going to be battery powered, which means that their power consumption needs to be kept as low as possible to prolong battery life. The complexities deepen when you consider the security implications of a connected device as well. And that’s not just security of data being transferred, but also ensuring your device can’t be cloned and that it does not allow unauthorized applications to run on it.
IoT Design Requirements - Software / Development Tools Ecosystem

IoT design requirements: Software / development tools ecosystem

For almost any application, the building blocks for an IoT edge node are the same:

  • Embedded processing
  • Sensors
  • Connectivity
  • Security
  • And while not really a “building block,” ultra-low power for always-on applications

My view is that the biggest of these issues will be security. After all, even though Atmel has hundreds of different microcontrollers and microprocessors, there are plenty of other suppliers. Same goes for connectivity solutions. But strong cryptographhic solutions implemented in hardware are much less common.

The new IoT white paper is available for download here.

This post has been republished with permission from SemiWiki.com, where Paul McLellan is a featured blogger. It first appeared there on November 19, 2014.

HackADay talks CryptoCape

The CryptoCape – which recently made its debut on SparkFun – is a dedicated security daughterboard for the BeagleBone designed in collaboration with Cryptotronix’s Josh Datko, which features Atmel’s Trusted Platform Module and SHA-256 Authenticator.

12773-03a

HackADay’s Brian Benchoff was lucky enough to catch up with Josh and asked him to break down how the nifty device works.

“If you need to add security to your project or you want to learn more about embedded security the CryptoCape adds encryption and authentication options,” the Maker added.

As its webpage notes, the CryptoCape functions as the BeagleBone’s first dedicated security daughterboard. Known as a BeagleBone Cape, the device attaches to the expansion headers of the BeagleBone and “adds specialized ICs that perform various cryptographic operations which will allow you to add a hardware security layer to your BeagleBone project.”

12773-05a

Previously discussed on Bits & Pieces, the CyrptoCape is packed with hardware, including 256k EEPROM with a defaulted I2C address (plus write protection), a real-time clock (RTC) module, a trusted platform module (TPM) for RSA encryption/decryption, an AES-128 encrypted EEPROM, an Atmel ATSHA204 authentication chip that performs SHA-256 and HMAC-25 and an Atmel ATECC108 that performs the Elliptic Curve Digital Signature Algorithm (ECDSA).

The reasoning behind the developer’s choice to use the SHA-256 Authenticator? “It creates 256-bit keys that can be used in keyed Message Authentication Codes (MACs), or HMAC, to prove the authenticity of the device.” In addition, the authenticator allows the device to “implement an anti-counterfeiting system with the exchange of nonces and MACs between other embedded devices.”

If you are interested in boosting the security of your Maker project or learning more about the CryptoCape, you can head to the product’s official SparkFun page here.